DNS and DNS Query Types
What is DNS? (Domain Name System)
It is a global name resolution protocol used for TCP/IP networks. DNS servers resolve URL (Uniform Resource Locator) or FQDN (Fully Qualified Domain Name) addresses to IPs, allowing easier server (host) names to be used instead of hard-to-remember IP addresses.
DNS Structure:
FQDN: The full name of the client in the domain. Example: "mail.guler.com"
Machines within a domain use a hierarchical name structure to avoid name conflicts. The DNS database is in a tree structure with the "root" servers at the top. Each subdomain is a domain, and each part that leaves these domains is called a subdomain.
Root Servers: They are located at the top of the DNS system and are where the server name-ip conversion begins. They direct incoming requests to TLD (Top Level Domain) servers. There are 13 root servers in the world.
TLD Servers: This is where the task distribution is made first. It consists of gTLD (generic TLD-generic TLD) and ccTLD (country code TLD-country code TLD).
Major TLD Examples:
| .com | Commercial Organizations | .tr | Turkey |
| .net | Network Organizations | .fr | France |
| .org | Non-Commercial Organizations | .de | Germany |
| .mil | Military Institutions | .br | Brazil |
| .edu | Educational institutions | .it | Italy |
| .gov | Government Institutions | .tr | Turkey |
| .int | International Institutions | .us | America |
| .info | Information Services | .ca | Canada |
| .name | Individual Use | .ru | Russia |
| .tel | Internet, Communication Services | .es | Spain |
| .travel | Travel and Holiday Sector | .travel | - |
| .pro | For professional workers | .pro | - |
| .tv | For video projects and online television | .tv | - |
| .aero | Uses by the aerospace industry. | .aero | - |
| .museum | Used for museums. | .museum | - |
| .io | It is mainly used by technology-related companies. | .io | - |
| etc.. |
Second Level Domain Servers: Domain names of different lengths given to individuals or institutions. Example: "adobe.com" etc.
Subdomains: Additional domains generated from second-level domains in order to expand the DNS tree and divide it into sections at any time.
Authorization:
For the purpose of providing ease of management, the domains in the DNS system are divided into sub-domains and their management is given to different institutions. In this way, the management, protection and responsibility of all data in that sub-domain are transferred to that institution.
DNS Zone Structure:
The domain managed by a DNS server is called a "zone". It contains data such as computer names, RR (resource records), FQDN.
Field Types
Forward Lookup Zone: It is called the area that performs IP resolution from the name.
Primary Zone: It is the only type of field that cannot be managed by any other DNS server other than the master DNS server, which keeps all records on it and has the right to write to the DNS database. Also known as the admin area.
Secondary Zone: It is a type of area that does not have the right to write to the DNS database, and works with the principle of reading only what the primary domain writes. It takes data copies from the primary domain on another DNS server at certain time intervals and works as a backup of it.
Residue Area (Stub Zone): It is a type of area that keeps NS (Name Server-Name server), SOA (Start Of Authority-Start Of Authority) and A (Address Record-Address Record) records and does not have any authority on it. It works on the principle that other domains make NS records on their own without querying the responsible DNS server.
Reverse Lookup Zone: In contrast to the forward lookup zone, it performs name resolution from IP.
Major DNS Record Types
Host(A) (Address Record-Address Record): It is the address records in which server names and ip match are made.
AAA (Address Record): It is a record designed to be used with ip V6, which performs the same function as the A record.
NS (Name Server-Name server): It is the record used to identify the DNS servers in use on the network.
SRV (Service Record): It is a record that enables many similar TCP/IP based servers to be found with a single DNS query.
MX (Mail Exchanger): It is the record that enables the identification of mail servers in the system and their information to be known by DNS.
PTR (Pointer Record): It is a record that contains the name match from the IP address and can only be used in the reverse search field.
SOA (Start Of Authority): It is the first record for all domains that contains the name of the authoritative DNS server on a domain.
TXT (Text-to-Text Record): A location within a text file about a particular resource, etc. record containing information.
CNAME (Canonical Name): It is the record that allows the record in another DNS server to be registered to the domain with a different name.
DNS Domain Transfer
The process of copying the files in any domain database and keeping them by different DNS servers is called DNS Domain Transfer. Changes on domain files can only be made by administrator servers, and domain transfer can only occur with the necessary permissions on the primary DNS server. Domain transfer between primary and secondary DNS servers is done with the help of a serial number in which the version number of the database is kept. The serial number increases with each change of registration. Before each query, the secondary DNS server looks at these serial numbers and, if its serial number is less than the primary DNS server, transfers the changes through the primary server. The main purpose of DNS Domain Transfer is to continue the resolution on the network uninterrupted in case the administrator server crashes or stops.
DNS system consists of name servers and resolvers. Nameservers keep information of IP addresses that match server names. Resolvers, on the other hand, are DNS clients and contain the addresses of DNS servers.
DNS servers are divided into two (2) according to the domain and the authorization status in the domain:
Authoritative DNS Name Server: The server responsible for all queries for a domain or domain. There are two types as Primary server (Primary/Master Server) and Secondary server (Secondary/Slave Server).
Non-Authoritative DNS Name Caching Server (Non-Authoritative DNS Name Caching Server): It is a server that is not authorized for a domain or domain, only takes the data from the first query and stores it in the cache for TTL (Time To Live). This saves time and does not affect bandwidth traffic.
DNS Types: 3 DNS Query Types
There are three types of queries in the DNS system:
Recursive Query
This request that can be made to a DNS Server is as follows: A user in our environment sends a Recursive Query to the DNS Server in his Local. DNS receives this request and checks the information in the Forward Lookup Zone and Cache. The found information is sent back to the Client. If no answer is found, it searches for an answer through Root Hints and Forwarder Addresses and tries to return it. However, if it is not found at the end of all efforts, not found information is returned to the Client.
Non-Recursive Query
A non-recursive query is a query in which the DNS Resolver already knows the answer. It either immediately returns a DNS record because it already stores it in local cache, or queries a DNS Name Server which is authoritative for the record, meaning it definitely holds the correct IP for that hostname. In both cases, there is no need for additional rounds of queries (like in recursive or iterative queries). Rather, a response is immediately returned to the client.
Iterative Query
If a local DNS Server does not receive a response regarding the request, that DNS Server finds the results by referring to other DNS and returns them to the Clients.
DNS Structures According to Usage Patterns
Caching-Only Name Server: It is the DNS structure on which only the DNS server is installed, there is no field structure, and the name resolution is done through a file that is kept in the cache and updated at certain intervals. The period in which the name-IP matches are to be kept in the cache is determined is called TTL. The default value for this time is 60min.
Forwarder:
It is the name given to the process of asking another DNS Server to resolve the Domain names that the DNS Server does not keep on itself. Thanks to this feature, Root Hints will not be used for every name that cannot be resolved.
Conditional Forwarding:
If you know in which DNS Server a Domain is registered, Local or your system is the system that allows people who query that domain to go to the specified DNS directly by passing the Root Hints.
Umarım yararlı olmuştur. - I hope it was helpful